Swagger 2.0 where to declare Basic Auth Schema

Question

How do I define basic authentication using Swagger 2.0 annotations and have it display in swagger UI.

In the resource I have:

@ApiOperation(value = "Return list of categories", response=Category.class, responseContainer="List", httpMethod="GET", authorizations = {@Authorization(value="basicAuth")})
public Response getCategories();

I looked here:

https://github.com/swagger-api/swagger-core/wiki/Annotations#authorization-authorizationscope

And it says "Once you've declared and configured which authorization schemes you support in your API, you can use these annotation to note which authorization scheme is required on a resource or a specific operation" But I can't find anything that talks about where to declare and configure the authorization schemes.

Update:

I found code on how to declare the schema, but I still do not see any information about the authentication schema in the UI. I'm not sure what I am missing

@SwaggerDefinition
public class MyApiDefinition implements ReaderListener {
    public static final String BASIC_AUTH_SCHEME = "basicAuth";

    @Override
    public void beforeScan(Reader reader, Swagger swagger) {
    }

    @Override
    public void afterScan(Reader reader, Swagger swagger) {
        BasicAuthDefinition basicAuthDefinition = new BasicAuthDefinition();
        swagger.addSecurityDefinition(BASIC_AUTH_SCHEME, basicAuthDefinition);
    }
}

score 21 · Answer 1 · answered May 28 '17 at 13:35

Using Springfox 2.6 annotations, you must first define Basic authentication as one of the security schemes when you set up the Docket in your configuration, like this:

List<SecurityScheme> schemeList = new ArrayList<>();
schemeList.add(new BasicAuth("basicAuth"));

return new 
  Docket(DocumentationType.SWAGGER_2).apiInfo(apiInfo)
                                     .securitySchemes(schemeList)
                                     ...

Then you can use the Springfox annotations in your service to set Basic Auth for the operation for which you want to require authentication:

@ApiOperation(value = "Return list of categories", response=Category.class, responseContainer="List", httpMethod="GET", authorizations = {@Authorization(value="basicAuth")})
public Response getCategories();

score 6 · Answer 2 · answered Oct 26 '16 at 15:36

I struggeled with this as well. In my case i used the swagger-maven-plugin. To solve this i added this within the maven plugin:

<securityDefinitions>
  <securityDefinition>
    <name>basicAuth</name>
    <type>basic</type>
  </securityDefinition>
</securityDefinitions>

After that i was able to add it on my resource like this:

@Api(value = "My REST Interface", authorizations = {@Authorization(value="basicAuth")})

The generated json included the security element for each endpoint:

"security":[{
  "basicAuth" : []
 }]

And the security definition:

  "securityDefinitions" : {
    "basicAuth" : {
      "type" : "basic"
    }
  }

I hope this helps others as well.

Do you mind to share the documentation of your source? Your solution works for me, and I would like to learn more. — Pankwood, Oct 21 '22 at 19:48

score 0 · Answer 3 · answered Apr 26 '17 at 04:53

You can use the @SwaggerDefinition http://swagger.io/customizing-your-auto-generated-swagger-definitions-in-1-5-x/

or you can configure the swagger object directly, here's an example http://www.programcreek.com/java-api-examples/index.php?source_dir=rakam-master/rakam/src/main/java/org/rakam/WebServiceRecipe.java

Swagger 2.0 where to declare Basic Auth Schema

3 Answers3

Linked